Hi all - We have a customer running dual Enterprise 250's, Checkpoint 2000 (Enterprise, Strong [using VPN]), Websense, a separate management station and Stonebeat FullCluster. The fw process on the machines pretty much hovers around 75-85% of CPU utilization. It has been suggested that we implement Active Mode TCP Streaming, UFP Caching and Kernel URL Logging to decrease the CPU utilization. There are quite a few caveats to this configuration, including: - Activation of Active Mode TCP Streaming is "less secure" than Passive Mode - UFP Caching has some issues of incorrectly caching some sites Has anyone seen any issues, or have anything good to say, about configuring FW1 in this manner? We have a few concerns and want to know that it works first. Thanks! Chris ----------------------------------------------------------------- Chris Labatt-Simon E-MAIL: [EMAIL PROTECTED] D & D Consulting, Ltd. WEB: http://www.dandd.com Albany, New York PHONE: (518) 218-0900 INTERNET CORE AND SERVICE PROVIDER SERVICES/UNIX/SECURITY/WAN/LAN Authorized Juniper, Extreme, Network Appliance and Cisco Partners ISP/CLEC/LEC Networks at Wire Speed http://www.coreservice.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
[FW1] fw process pegged/UFP Caching/URL Logging
Chris Labatt-Simon - D&D Consulting Sat, 17 Jun 2000 19:02:45 -0700
